Double spending - Mike Hearn - Medium


submitted by FrontpageWatch to longtail [link] [comments]

How Can Double-Spending Be Prevented?

What is double-spending?

To understand what double-spending means, we must first understand how a blockchain network works. All cryptocurrencies use what is known as a blockchain. It is essentially a chain of blocks where each block is made up of digital information about transactions. Bitcoin and other cryptocurrencies cannot be forged because the blockchain is public and immutable. Because of a consensus algorithm each chain has, it is almost impossible for someone to form a transaction or block.
Picture this, James sends Kate 4 Bitcoin. This transaction is made public, and everyone receives information about it. Also, the transaction has to be verified. If James doesn’t have 4 Bitcoin, the verification will fail, and Kate will not receive any Bitcoin. The verification process happens through the consensus algorithm.

Can Double-Spending Really Happen?

Double-spending happens when an attacker spends the same funds twice. For example, if James sends 4 Bitcoin to Kate and also to Alex at the same time, only one of the transactions will be confirmed. This problem is easier to solve on centralized systems; if there is a central institute like a bank, it can take charge of the problem. However, since blockchain is decentralized, there is no specific one responsible for the double-spending attack.
Even though the consensus algorithm partly prevents double-spending, unfortunately, this cannot be the final solution as the problem can still occur. Theoretically, if someone were able to hold more than 50% of the mining power available, he or she would have the ability to overturn network transactions and may make double-spending valid.
Although this might seem unlikely, it can happen for real. In 2014, the mining pool obtained 51% of Bitcoin’s hashing power but capped their power at 39.99% to increase the trust in the network. However, this event raised significant concerns about the safety of the network, as most mining power seems to be in control of a few parties only.
Other cryptocurrencies have suffered 51% attacks, Bitcoin Gold, for example, was hit by a 51% attack in 2018 and just recently in 2020.

The Final Solution for Double-Spending, FLETA

FLETA is a blockchain-based platform for the creation of decentralized applications. FLETA employs an innovative sharding model where each shard operates individually and independently. Each DApp on the FLETA network operates independently and doesn’t rely on other DApps as it has its own sub-chain.
Because each chain operates independently in a parallel structure, data is not shared between the chains, and chains are not affected by each other. For this reason, double spending is not feasible and provides a high transaction speed.
Also, FLETA’s consensus algorithm, PoF (Proof-of-Formulation), prevents the double-spending problem. Its mining node, Observer Node, confirms a generated block in real time, and confirmation of 3 out of 5 observer nodes is necessary. This system eliminates the possibility of double-spending.


Although the initial consensus mechanism works, it is not entirely secure against double-spending attacks. A 51% attack has been shown to be achievable even in cryptocurrencies.
FLETA has been able to create an innovative sharding model that allows each chain to operate independently. Moreover, its PoF consensus algorithm confirms a block systematically in real-time. Thanks to them, FLETA is free from the double-spending issue.
submitted by fleta-official to fletachain [link] [comments]

Ghash @ 41% (again)

No one cares anymore? This is almost as high as a week ago, an event that filled the front page of bitcoin.
Does this mean that miners have moved back from other pools to Ghash? Eligius has dropped a few % after gaining the same amount, just to give an example.
Would it mostly be their own hashing power that's increasing through
Please refer to this link if you want to read discussions from 5 days ago (it searches this subreddit for ghash, gives all the big threads in from 5 days ago)
submitted by WoodsKoinz to Bitcoin [link] [comments]


WARNING: GHASH.IO IS NEARING 51% – LEAVE THE POOL

submitted by awd2r4 to Bitcoin [link] [comments]

I'm a Bitcoin maximalist but we need to talk about 51%.

Recession happened, the USD failed and all major fiat followed. Bitcoin has finally been considered a global payment system and was adapted by the general population. Anyone who owns a complete Bitcoin is featured in a wealthy people's list. Now government does not have the power they used to have over people and it drove them crazy to the point where they decided to construct a plan of attack against the Network. All they need is 51% ownership of the network, Bitmain has 40% and governments can easily accuse this company of running a scheme to facilitate money laundering operations through BTC production. Therefore taking the company down and using their hash power and do the same with other mining company till they reach 51%. Creating a documented flaw in the Bitcoin network and potentially causing the double spending that blockchain was developed to avoid. People start to lose faith in this form of money and get back to government's newly established and regulated digital payment system or whatever.
I once read that 15 billion USD is enough to produce the power needed to overcome the network, that's nothing to governments if they decided to "regain control"
I think we can all agree that if a government does not have control over people's money, they don't have any kind of control. "Give me control of a nation's money and I care not who makes its laws."
To say that 51% is impossible is naive, imagine what would have happened if decided not to reduce its share of the network back in 2014. Bitcoin might not be what it is today.
drop your thoughts please.
submitted by Leader92 to Bitcoin [link] [comments]

50% hash rate. In we trust!

submitted by BitcoinOdyssey to Bitcoin [link] [comments]

Is Anyone Else Concerned About

Looking at the graphs on, has an estimated 37% of the hashing power for the past 24 hours. They have been growing rapidly, and were at less than 25% a month ago. If they continue to grow at this rate, it's highly possible they could control 51% of the network. They show no signs of stopping, and they've been known to use their power maliciously to double spend.
I know pessimistic posts are usually frowned upon in this subreddit, but I'm just wondering what can be done about this. poses a threat to bitcoin, and they can potentially destroy the whole decentralization of the currency, which is exactly what Bitcoin is about. Considering their bad history of double spends and other things, I'm a bit worried.
Is there any way to stop them, besides people attempting to mine for other small pools? Mining is out of the control for most people since decent ASICs are extremely expensive and mostly unprofitable. The proof of work algorithm used for Bitcoin is unlikely to change due to how difficult it would be to get everyone to adapt and for it to go smoothly. How can this be dealt with? I'm highly afraid for the future of Bitcoin.
submitted by skilliard4 to Bitcoin [link] [comments]

How do we keep BTC decentralized (the 51% attack)

Remember when back in 2014 gained so much control over Bitcoin they almost drowned the whole coin?
51% attack is a big concern of the crypto community. Basically, any pool large enough can control the blockchain.
"They could prevent transactions of their choosing from gaining any confirmations, thus making them invalid, potentially preventing people from sending Bitcoins between addresses. They could also reverse transactions they send during the time they are in control (allowing double spend transactions), and they could potentially prevent other miners from finding any blocks for a short period of time."
This is very dangerous considering that hashrates are getting higher but we don't even know where it all comes from.
As biba8163 mentioned in the daily discussion thread, and Antpool (who're owned by Bitmain) now own 30% and are increasing by the day.
Bitmain did approach 51% too last year, so it all still seems pretty sketchy.
What do we do about this? Join independent pools? What other solutions are there? I believe this is going to be a recurring problem if we don't deal with it right now
submitted by ownblocks to CryptoCurrency [link] [comments]

It's 51% day again!

Right on schedule, the frontpage is full of network takeover warnings and discussion. Happy 51% day!
... on a more serious note, please, for the love of Satoshi, stop using centralized mining pools and especially stop using "cloud mining" services. It's just asking for trouble. This really shouldn't have to come up every few weeks.
Use P2Pool instead. I get it, documentation is insufficient, and so on and so on. It doesn't matter. Invest an hour in figuring out P2Pool, the network will thank you for it later.
submitted by joepie91 to Bitcoin [link] [comments]

WARNING! GHash.IO Reaches 5 Ph/s

GHash.IO reached 5 Ph/s today and shows no sign of slowing down. A few days ago during the panic, they were at about 4.6 Ph/s. Miners, please do yourselves and all the Bitcoin community a favor and switch to P2Pool before it's too late. If people cannot trust the network, Bitcoin becomes worthless.
submitted by PleaseStopGhash to Bitcoin [link] [comments]

The Shame of ChainLocks: Dash Forced To Abandon Nakamoto Consensus

Sorry Dash. I have some bad news.
Proof-of-work isn’t suitable for small cryptocurrencies.
It seems that while PoW works for Bitcoin, it doesn't always work for smaller cryptocurrencies.
It seems that proof-of-work (PoW), the consensus protocol behind Bitcoin, isn’t ideal for smaller cryptocurrencies, because they’re far more vulnerable to what are called 51 percent attacks. At least five PoW digital currencies have been affected by such attacks in the last two months.
Dash suffered 51 percent attacks last month causing a theft of more than a million dollars.
On Tuesday, Dash suffered another attack of the same kind — resulting in a theft of more than 35 million Darkcoins worth over $1.7 million at the time.
Dash Masternodes reportedly continue to suffer from a 51 percent attack as well, which has already resulted in a theft of over $100,000 so far.
51 percent attacks occur when one entity gains control over 51 percent of the network hash-rate. This entity can now both prevent valid transactions from occurring as well as reverse already occurred transactions on the blockchain. A single coin can even be spent twice from the same origin with this sort of control, in what’s called a double-spend.
PIVX, a hard fork of Dash with no embarrassing Instamine, also suffered a double-spend attack last week. Their control over the blockchain allowed them to make off with more than $35 million worth of PIVX.
The fact that all of these cryptocurrencies utilize the X11 PoW consensus protocol of Dash raises some doubt over the suitability of the protocol.
It’s virtually impossible for Monero's or Bitcoin’s blockchain to be compromised by a 51 percent attack because it will require a lot of hashing power to gain more than 50 percent control over it — although, a Bitcoin mining pool, has come close; not once, but twice.
But, is carrying out a 51 percent attack on smaller cryptocurrencies easier? We asked Bitcoin developer Peter Todd:
If PoW is used naively, yes. PoW relies on being able to outspend your attacker; a smaller currency with its own PoW chain has fewer resources that it can afford to devote to defence, so it’s less secure.
Todd notes that in cases such as Dash, it is the technical glitches with their blockchains that allow these cryptocurrencies to be compromised so easily. But even if these flaws are fixed, it won’t exactly solve the problem of 51 percent attacks on their blockchains — for PoW to work in the way it is intended, you still need to be able to outspend your attacker.
Todd explains that all of these cryptocurrencies that suffered the attack have chosen the naivest possible technical architecture: to have an entirely separate PoW chain for each of their currencies.
The smart way to implement what they’re attempting to do is to share the security of an existing PoW chain. There’s quite a few ways to do this, including the embedded consensus mechanism that the OMNI protocol pioneered. Tether as an example happens to use OMNI on Bitcoin, so if you wanted to attack Tether, you’d have to do a 51 percent attack on the entire Bitcoin ecosystem.
“The important thing to note with all those currencies is they’re just copy-cat clones of existing stuff, created in pump and dump schemes,” Todd notes of the attacks. “I suspect the coins that have been attacked recently use that technology simply because it’s easier to copy and paste existing code rather than do the real work of technology development – they’re pump and dump schemes after all.”
There are rising concerns over the number of cryptocurrencies that are simply cloning existing blockchains. As we reported earlier, Bitcoin alone has seen more than 44 hard forks since August last year, and most of them don’t bring anything new to the table.
Despite being riddled with technical flaws, Dash used to be popular with traders many years ago.
All four cryptocurrencies that have suffered 51 percent attacks in the last two months, are among the top 100 most traded cryptocurrencies in the world at the moment. Surely the digital cash community can do better.
submitted by Eugenia_Cala to DashUncensored [link] [comments]

Bitcoin security guarantee shattered by anonymous miner with 51% network power

submitted by SmellsLikeAPig to Anarcho_Capitalism [link] [comments]

under attack? ERROR 521

DDOS or Deliberate internal? Hum…
submitted by TiPs4tat to Bitcoin [link] [comments]

There seems to be a lot of major misunderstandings going on in regards to transaction confirmations (in particular, PoS sales)

So I've been reading posts/comments on here lately and it seems like there are some serious misunderstandings by a lot of people in regards to the time it takes for a transaction to get confirmed on the blockchain, especially in the use case of merchant PoS sales.
You guys are comparing apples to oranges here
The time it takes for one confirmation is how long it takes for a transaction to be CLEARED. As in, verified, confirmed, 100% complete and irreversible transaction of bitcoins. In comparison, the transaction clearing time for credit cards is something around 30 - 60 days. At any point during that 30-60 period, you could find out that the credit card you used was actually stolen and the money gets reversed, plus you are out of pocket already from providing the product/service. In bitcoin, this same window is about 10 minutes to an hour.
If you see an incoming transaction to your address, you can be 99.9% sure that it's legit and will eventually confirm. You absolutely do not need to force your customer to wait 10 or more minutes just to confirm their payment. Just give them the damn coffee and let them be. Would you make your customer wait in store for 2 entire months just to make sure they don't call up their bank and make a chargeback?
In order to actually pull off a 0-confirmation double spend attempt, I believe it goes something like this (someone correct me if I'm wrong):
So basically, it's a combination of capability (not many people know how to manually create transactions, relatively), timing, a lot of luck and also having the balls to attempt it in person. It's not something that's a guaranteed success rate. However if you happen to control > 50 % of the mining hash power, then it suddenly starts to become a lot easier, which is why it's important to keep our mining distributed (and why everyone freaked out in January over
Just think for a second how many tens of thousands (millions..?) of fraudulent credit card and bank transactions happen every single day... and not to mention how retard-edly easy it is to scam people's credit card numbers
tl;dr it's very reasonably safe to accept 0 confirmation payments in most use cases. Just don't do it for transactions where some serious cash is in play (have patience and wait the short amount of time instead)
submitted by cryptonaut420 to Bitcoin [link] [comments]

Did Ukrainians Almost Take Over Bitcoin?
This was posted on bitcoin but was mostly brushed off and downvoted. I'm curious what this reddit crowd's take on this is.
Personally, I find the following troubling/concerning at the least:
submitted by PeerLuck_com to BitcoinMarkets [link] [comments]

GHash.IO - The Benevolent Overlord?

A lot of focus has been on GHash.IO and the 51% problem. Let's suppose for a moment that we can prove that GHash.IO is a benevolent agent, and although they have 51% we can be certain they will only ever mine by the rules that the bitcoin community set. This will bring several advantages:
How could we be certain GHash.IO are benevolent? This is a tricky problem! They could be open source but it would be hard to prove that the code they run is the code they post. They could open themselves up to audit by trusted members of the community.
The best thing is to make sure that the economic incentives line up. The GHash.IO investors are no doubt heavily invested in bitcoin (something we could verify). We can then assume they won't try any attack on the bitcoin network as it will hurt their investment. Double spends are easy to spot for example, and I think any sort of DOS attack would be spotted too. Even if GHash.IO ignored other people's blocks it would be fairly obvious. Ultimately they are still beholden to the community to a large extent, so could easily be usurped if they start misbehaving.
I appreciate there are definitely ideological concerns with this scenario, but in practice would it be so bad? Perhaps we should start considering it seriously?
submitted by bitcoind3 to Bitcoin [link] [comments]

In regards to the 51% problem: ELI5 What would a hard fork look like to an average (non-miner) bitcoiner?

Talks about Hard-Forking the bitcoin blockchain to include security features against a 51% percent attack seem very political and almost impossible based off of conversation.
It requires 51% of the bitcoin mining network to start working on the new chain with updated rules, is this correct?
Does that mean users on coinbase, or those with savings in their electrum wallets; would have to do anything? Or is this a change purely miners have to worry about?
What would be involved with a hard-fork, and what are some worst-case scenarios?
submitted by ForestOfGrins to Bitcoin [link] [comments]


Rapid growth of GHash.IO mining pool, seen over the past few months, has been driven by our determination to offer innovative solutions within the Bitcoin ecosystem combined with significant investment in resource. Our investment, participation and highly motivated staff confirm it is our intention to help protect and grow the broad acceptance of Bitcoin and categorically in no way harm or damage it. We never have and never will participate in any 51% attack or double spend against Bitcoin. Still, we are against temporary solutions, which could repel a 51% threat.
In any market, competition and innovation drives growth and that is particularly true in an emerging and disruptive environment such as Bitcoin. Successful and innovative companies cannot be expected to limit their growth or competitiveness as a direct result of their success. However, this is the situation we find ourselves in when faced with the community perception of the threat of a 51% attack on Bitcoin. Asking our users to not use our services or to use competing solutions is not conducive to fostering innovation. Implementing a pool fee to our pool contradicts principles of our operation from the very launch of GHash.IO. It also does not address the core issue only pushing the problem a few weeks or months down the road when another pool or perhaps GHash.IO again grows towards 51%.
We do fully recognise the concerns and possible threat posed by an entity with malicious intent taking control of enough mining power to exploit the 51% scenario, but we also have confidence and agree with the views expressed by the Bitcoin Foundation that any such exploitation or attack “would be obvious it was happening, and pretty easy to defend against.” The transparent nature of the blockchain provides unprecedented insight for all to investigate and report such behaviours.
We also recognise however that a long term preventative solution to the threat of a 51% attack does have to be found, the current situation we find ourselves in (essentially being punished for our success) is damaging not only to us, but to the growth and acceptance of Bitcoin long term, which is something we are all striving for.
To that effect we are in the process of arranging contact to the leading mining pools and Bitcoin Foundation to propose a ‘round table’ meeting of the key players with the aim of discussing and negotiating collectively ways to address the decentralisation of mining as an industry. Our aim is to do this quickly with a possible date coinciding with the CoinSummit Conference in London.
submitted by CEX_IO to Bitcoin [link] [comments]

People Don't Realize How Serious A 50% attack Is

I understand we're tired of these posts, but please listen. If a 51% attack occurs, all trust in Bitcoin could be lost forever.
If 50% of hashing power is obtained, the controller of that power can double spend, even after multiple confirmations. If Ghash.IO reaches 50%, and someone hacks them or the operator decides to abuse it, Bitcoin could actually die. Thousands of coins could be sent to an exchange and double spent, resulting in false coins being sold or swapped out for different legitimate coins, and exchanges going bankrupt(causing a similar situation to MtGox, except it wouldn't be the exchanges' fault).
With exchanges failing due to double spends, payment processors such as Bitpay and Coinbase would also fail. Without these, no merchant could accept Bitcoin reliably.
If such an attack occurred, all merchants would lose trust in the protocol. There's already enough controversy behind Bitcoin, but the technology itself failing is enough for trust in Bitcoin to forever be destroyed. Even if everyone moved their hashing power AFTER the attack, the damage would be far too much for any major merchant to even consider trusting it again.
Miners, I understand you may consider Ghash.IO to be the most profitable, or the most convenient, etc, but the integrity of Bitcoin is at stake. If Bitcoin fails, your ASICs lose their value, and your profits decline far more. I hope the value and integrity of Bitcoin is more important than the slight convenience or lower fees you may get at GHash.IO.
submitted by skilliard4 to Bitcoin [link] [comments]
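
The posts above argue about how much hash power makes a confirmed payment reversible. As an added example (not part of any post on this page), here is the attacker catch-up calculation from section 11 of the Bitcoin whitepaper in Python; it assumes the attacker holds a constant share `q` of the hash rate, and the function names are hypothetical.

```python
import math


def reversal_probability(q, z):
    """Probability that an attacker with hash-rate share q eventually
    overtakes the honest chain after the payee waited z confirmations.

    Model from the Bitcoin whitepaper (section 11): attacker progress while
    the honest network mines z blocks is Poisson with mean z*q/p, and from a
    deficit of d blocks the attacker catches up with probability (q/p)**d.
    """
    if not 0.0 <= q < 1.0:
        raise ValueError("q must be a share in [0, 1)")
    if z < 0:
        raise ValueError("z must be non-negative")
    p = 1.0 - q
    if q >= p:
        # With half the hash rate or more, catching up is certain in this model.
        return 1.0
    ratio = q / p
    lam = z * ratio
    poisson = math.exp(-lam)          # Poisson term for k = 0
    prob = 1.0
    for k in range(z + 1):
        if k:
            poisson *= lam / k        # Poisson term for k, built incrementally
        prob -= poisson * (1.0 - ratio ** (z - k))
    return prob


def confirmations_needed(q, risk=0.001, limit=1000):
    """Smallest z with reversal_probability(q, z) < risk.

    Returns None when no z up to `limit` is enough, which is always the case
    once q reaches 0.5.
    """
    for z in range(limit + 1):
        if reversal_probability(q, z) < risk:
            return z
    return None


def confirmation_table(shares, risk=0.001):
    """Confirmations a payee would need for each attacker share in `shares`."""
    return {q: confirmations_needed(q, risk) for q in shares}


if __name__ == "__main__":
    # Shares chosen for illustration, from a small pool up to a majority.
    for share, depth in confirmation_table([0.10, 0.25, 0.30, 0.40, 0.45, 0.51]).items():
        label = "no depth is enough" if depth is None else f"{depth} confirmations"
        print(f"attacker share {share:.2f}: {label}")
```

The required depth grows slowly for small shares and very steeply as the share approaches one half, which is the quantitative form of the concern raised in these threads.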

GHash.IO & double spending

Some of this data is from bitcointalk, I'll attribute the authors as I go


Put on your thinking cap:

"getblocktemplate moves block creation to the miner, while giving pools a way to set down the rules for participation. While pools can do just as much as they could before by expressing it in these rules, miners can not be kept in the dark and are enabled to freely choose what they participate in mining. This improves the security of the Bitcoin network by making blocks decentralized again."
A risk that is difficult to assess is whether the large mining pools validate coinbase tx content included by miners in their pool.
(To test, you "just" need to be the member of a pool who successfully solves a block; and also write a custom miner to include a specific coinbase tx that the pool did not ask you to provide. (Credit to bee7 here for this idea).)
It's possible that the GHash.IO operators control (or are colluding with) a significant portion of the mining capacity of Eligius and Slush (I picked those two pools because of their abysmal orphan (luck) rate); This hypothesis is supported by the data in this post.
There are, of course, other very reasonable explanations for the "luck variance" observation:
...but there is also additional circumstantial evidence that GHash.IO have bad actors:

Credit to mmitech for this next bit of research:

In September I witnessed a lot of double-spending against BetCoin Dice. It happened between 25th and 27th Sept.
The mechanism was simple: send betcoin a tx with 0 fee, then wait for a result tx, if your bet is a win, then confirm your tx, otherwise double-spend it.
  1. Here I'll give you a bunch of transactions which you can examine. Note this is a chain of transactions, so just click on outputs to see. The double-spending of losing bets was performed by someone mining to , you can check it yourself.
  2. I tracked coins down to the origin. The most interesting address here is 12PcHjajFJmDqz28yv4PEvBF4aJiFMuTFD. It's been involved in similar actions, look at this chain of win-only tx's. And the most interesting fact is that these zero-fee tx's in between winning ones were mined by exclusively. Possibly this was a test attack.
  3. Going further, I found the address the earnings from attack were sent to: 12e8322A9YqPbGBzFU6zXqn7KuBEHrpAAv. And then part of these funds (125 BTC) was sent to's mining address:
  4. Furthermore, I checked the funds mined to 1MA7CKbWMyKdPkmsbnwmfeLh1hYy5A3gy8. In these 2 succeeding tx's they were moved to 199kVcHrLdouz9k9iW3jh1kpL7j9nLg7pn
This address is interesting, because it contains 6000 BTC and ~30% of funds come from mining address.
  5. And the last thing to spot:, being about 25% of network back then, didn't find a single block to its address between 25th and 27th of September!
Ok smarties: Any other thoughts/theories/criticisms to these hypotheses? Post below if you're considering changing pools now.
2014-Jun-03 11:18PM PDT edit: Fixed formatting issues
2014-Jun-03 11:25PM PDT edit: Clarified negative effect in TL;DR
2014-Jun-04 01:40PM PDT edit: Clarified point about pool hopping
submitted by bullshbit to Bitcoin [link] [comments]


A blockchain (originally block chain) is a continuous sequential chain of blocks (a linked list), built according to defined rules, that contain information. Copies of the chain are most often stored on many different computers independently of one another.
The term first appeared as the name of a fully replicated distributed database implemented in the Bitcoin system, which is why blockchain is often associated with transactions in various cryptocurrencies; however, the technology of block chains can be extended to any interlinked blocks of information. Bitcoin became the first application of blockchain technology in October 2008.
Transaction block
A transaction block is a special structure for recording a group of transactions in Bitcoin and similar systems. A transaction is considered complete and valid ("confirmed") when its format and signatures have been verified and the transaction itself has been grouped with several others and written into a special structure, the block. The contents of blocks can be verified because each block contains information about the previous block. All blocks are arranged in a single chain that contains information about every operation ever performed in the database. The very first block in the chain, the genesis block, is treated as a special case because it has no parent block.
A block consists of a header and a list of transactions. The block header includes its own hash, the hash of the previous block, the hashes of the transactions and additional service information. In Bitcoin, the first transaction in a block always records the receipt of the fee that becomes the miner's reward for creating the block. It is followed by a list of transactions drawn from the queue of transactions not yet written into previous blocks. The miner decides the criterion for selecting from the queue; it does not have to be chronological order. For example, only operations with a high fee, or only those involving a given list of addresses, may be included. The transactions in a block are hashed with a tree hash, similar to the way a file's hash is formed in the BitTorrent protocol. Transactions, other than the one crediting the fee for creating the block, contain inside the input parameter a reference to the transaction holding the previous state of the data (in Bitcoin, for example, a reference to the transaction through which the bitcoins being spent were received). Operations that transfer the block-creation fee to the miner have no "input" transactions, so any information may be placed in this parameter (for them the field is called the coinbase parameter).
A newly created block is accepted by the other users if the numeric value of the header hash is equal to or less than a certain target number, whose value is adjusted periodically. Because the result of the SHA-256 hash function is considered irreversible, there is currently no algorithm for obtaining a desired result other than random search. If the hash does not satisfy the condition, the nonce parameter in the header is changed and the hash is recomputed. A large number of recomputations is usually required. When a suitable value is found, the node sends the resulting block to the other connected nodes, which verify it. If there are no errors, the block is considered added to the chain, and the next block must include its hash.
The target number against which the hash is compared is adjusted in Bitcoin every 2016 blocks. The design is that the whole Bitcoin network should spend about 10 minutes generating one block, and about two weeks on 2016 blocks. If 2016 blocks are produced faster, the target is lowered slightly and becomes harder to reach; otherwise the target is raised. Changing the computational difficulty does not affect the reliability of the Bitcoin network; it is needed only so that the system generates blocks at a nearly constant rate, independent of the computing power of the network's participants.
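
The acceptance rule and the 2016-block adjustment described above, as an added Python example (not code from the quoted article or from any Bitcoin client). The header field values and the easy `EASY_BITS` target are constructed for the demo; the 80-byte header layout, the double SHA-256 and the factor-of-four limit on each adjustment follow Bitcoin's rules.

```python
import hashlib
import struct

TARGET_TIMESPAN = 2016 * 10 * 60      # seconds: 2016 blocks at about 10 minutes each
MAX_TARGET = 0xFFFF << 208            # easiest target Bitcoin allows (compact form 0x1d00ffff)
EASY_BITS = 0x1F0FFFFF                # constructed demo target, about 1 hash in 4096 qualifies


def bits_to_target(bits):
    """Expand the compact 4-byte 'bits' field into the full 256-bit target."""
    exponent = bits >> 24
    mantissa = bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def header_bytes(version, prev_hash, merkle_root, timestamp, bits, nonce):
    """Serialize the six header fields into the 80-byte little-endian layout."""
    return struct.pack("<I32s32sIII", version, prev_hash, merkle_root,
                       timestamp, bits, nonce)


def header_hash_int(header):
    """Double SHA-256 of the header, read as a little-endian integer."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")


def meets_target(header, bits):
    """The acceptance rule: header hash must be equal to or below the target."""
    return header_hash_int(header) <= bits_to_target(bits)


def mine(version, prev_hash, merkle_root, timestamp, bits, max_nonce=2 ** 32):
    """Change the nonce until the header hash satisfies the target.

    Returns (nonce, header) or None if the 32-bit nonce space is exhausted.
    """
    for nonce in range(max_nonce):
        header = header_bytes(version, prev_hash, merkle_root, timestamp, bits, nonce)
        if meets_target(header, bits):
            return nonce, header
    return None


def retarget(old_target, actual_timespan, max_target=MAX_TARGET):
    """New target after a 2016-block period that took actual_timespan seconds.

    Faster than two weeks lowers the target (harder); slower raises it.
    A single adjustment is limited to a factor of four either way, and the
    target never rises above max_target.
    """
    clamped = min(max(actual_timespan, TARGET_TIMESPAN // 4), TARGET_TIMESPAN * 4)
    return min(old_target * clamped // TARGET_TIMESPAN, max_target)


if __name__ == "__main__":
    # Constructed header fields: all-zero parent hash and a dummy Merkle root.
    found = mine(1, b"\x00" * 32, b"\x11" * 32, 1400000000, EASY_BITS)
    nonce, header = found
    print("nonce", nonce, "hash", format(header_hash_int(header), "064x"))
    print("period took one week, target halves:",
          retarget(2 ** 200, TARGET_TIMESPAN // 2, max_target=2 ** 255) == 2 ** 199)
```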

Chain of blocks

Figure: The main sequence of blocks (black) is the longest one from the initial block (green) to the current one. Side branches (purple) are cut off.
Blocks are formed simultaneously by many "miners". Blocks that meet the criteria are sent to the network and included in all replicas of the distributed block database. Situations regularly arise in which several new blocks in different parts of the distributed network name the same block as their predecessor; that is, the chain of blocks can branch. The relaying of information about new blocks can be restricted, deliberately or by accident (for example, one of the chains may develop within a local network). In that case different branches can grow in parallel. Each of the new blocks may contain both identical transactions and different ones that made it into only one of them. When block relaying resumes, miners begin to treat as the main chain the one selected by hash difficulty and chain length. If difficulty and length are equal, preference is given to the chain whose final block appeared earlier. Transactions that were included only in the rejected branch (including reward payouts) lose their confirmed status. If it is a transaction transferring bitcoins, it is placed back in the queue and then included in a subsequent block. Transactions that collect the reward for creating the cut-off blocks are not duplicated in the other branch; that is, the "extra" bitcoins paid out for forming the cut-off blocks receive no further confirmations and are "lost".
The chain of blocks thus contains the ownership history, which can be viewed, for example, on specialized websites.
The blockchain is formed as a continuously growing chain of blocks with records of all transactions. Copies of the database, or parts of it, are stored simultaneously on many computers and synchronized according to the formal rules for building the chain of blocks. The information in the blocks is not encrypted and is available in the clear, but the absence of changes is attested cryptographically through hash chains (an element of a digital signature).
The database publicly stores, unencrypted, information about all transactions, which are signed using asymmetric encryption. To prevent the same amount from being spent more than once, timestamps are used, implemented by dividing the database into a chain of special blocks, each of which contains, among other things, the hash of the previous block and its own sequence number. Each new block confirms the transactions it contains and additionally confirms the transactions in all previous blocks of the chain. Changing information in a block that is already in the chain is impractical, because all subsequent blocks would then have to be edited as well. As a result, a successful double-spending attack (re-spending funds that have already been spent) is extremely unlikely in practice.
In most cases a deliberate change to the information in any copy of the database, or even in a fairly large number of copies, will not be accepted as true because it will not conform to the rules. Some changes can be accepted if they are made in all copies of the database (for example, removing the last few blocks because of an error in how they were formed).
To explain how the payment system works more clearly, Satoshi Nakamoto introduced the notion of a "digital coin", defining it as a chain of digital signatures. Unlike the standardized denominations of ordinary coins, each "digital coin" has its own denomination. Any number of "digital coins" can be associated with each Bitcoin address. Transactions can split and combine them, and the total of their denominations is preserved, less the fee.
Before version 0.8.0 the main client used Berkeley DB to store the chain of blocks; starting with version 0.8.0 the developers switched to LevelDB.

Transaction confirmation

Until a transaction is included in a block, the system considers the number of bitcoins at a given address to be unchanged. During this time it is technically possible to create several different transactions that transfer the same bitcoins from one address to different recipients. But as soon as one of these transactions is included in a block, the system will ignore the remaining transactions involving the same bitcoins. For example, if the later transaction is included in a block, the earlier one will be considered invalid. There is a small chance that, during a fork, two such transactions end up in blocks of different branches. Each of them will be considered valid, and only when a branch dies off will one of the transactions come to be considered invalid. The time at which the operation was performed will not matter.
Thus, inclusion of a transaction in a block confirms its validity regardless of the existence of other transactions with the same bitcoins. Each new block is considered an additional "confirmation" of the transactions in previous blocks. If the chain has 3 blocks, transactions from the last block are confirmed 1 time, and those placed in the first block have 3 confirmations. It is enough to wait for a few confirmations for the probability of the transaction being reversed to become very low.
To reduce the effect of such situations on the network, there are restrictions on spending bitcoins that have just been received. According to the service, until May 2015 the maximum length of rejected chains was 5 blocks. The number of confirmations required to unlock received funds depends on the client program or on the instructions of the receiving party. The "Bitcoin-qt" client does not require confirmations in order to send, but most recipients have a default requirement of 6 confirmations, so in practice received funds can usually be used after an hour. Various online services often set their own confirmation threshold.
The protocol allows bitcoins received for creating a block to be used after 100 confirmations[16], but the standard client program shows the fee after 120 confirmations, so the fee can usually be used about 20 hours after it is credited.

"Double spending"

Main article: Double spending
If one controls more than 50% of the network's total computing power, there is a theoretical possibility, at any confirmation threshold, of transferring the same bitcoins twice to different recipients: one of the transactions will be public and confirmed in the usual way, while the second will not be announced, and its confirmations will come from blocks of a hidden parallel branch. Only after some time will the network learn of the second transaction; it will become confirmed, and the first will lose its confirmations and be ignored. As a result the bitcoins are not doubled, but their current owner changes, and the first recipient loses the bitcoins without any compensation.
The openness of the block chain makes it possible to alter an arbitrary block. But then the hash would have to be recomputed not only for the altered block but for all subsequent ones. In effect, such an operation would require at least as much power as was used to create the altered block and the subsequent blocks (that is, all of the current power), which makes this possibility extremely unlikely.
As of 1 December 2013 the total network power exceeded 6000 THash/s. Since early 2014 a miners' association (pool) has for a long time controlled more than 40% of the total power of the Bitcoin network, and in early June 2014 more than 50% of the network's power was briefly concentrated in it.
Double spending of bitcoins has never once been recorded in practice. As of May 2015, parallel chains had never exceeded 5 blocks.


The requirement on block hashes is governed by a special parameter called "difficulty". Because the network's computing power is not constant, network clients recalculate this parameter every 2016 blocks so as to keep the average rate of blockchain formation at 2016 blocks per two weeks. Thus 1 block should be created roughly every ten minutes. In practice, when the network's computing power grows the corresponding time intervals are shorter, and when it falls they are longer. Recalculating difficulty relative to time is possible because block headers contain their creation time. It is recorded in Unix format according to the system clock of the block's author (if the block is created in a pool, according to the system clock of that pool's server).
submitted by ivbittar to u/ivbittar [link] [comments]

Rising malleable issues at Bitcointalk forum

There are rising numbers of reports about withdrawal issues from BTC-E and Bitstamp. Are we at the start of exchange wars, fighting for the goxed customers, or are they checking their wallets for possible bugs?
There is also a rise of suspicious activity:
rise of double spend attempts
blockchain info
strange qt wallet transactions
*not serious - what if Bitcoin is under attack, maybe by Russian hackers, who flood the blockchain with Sochi transactions in an attempt to double spend
submitted by alex4fire to Bitcoin [link] [comments]


Bitcoin’s solution to double-spending is that if the majority of the nodes agree on which transaction was first to be received, later attempts to double-spend are irrelevant. Bitcoin’s ...

Bitcoin protects against double spending by verifying each transaction added to the shared public ledger or also known as blockchain to ensure that the inputs for the transaction had not previously already been spent. Bitcoin uses a decentralized system, where a consensus among nodes following the same protocol is substituted for a central authority. For instance, let’s assume you are buying ...

Double-spending problem is the successful use of the same funds twice. Double-spending of Bitcoin is not possible as Bitcoin is protected against a double-spending problem thanks to each transaction which is added to the blockchain being verified, and the majority of funds contained in this transaction cannot have been previously spent. Double-spending is a potential flaw in a digital cash ...

Double spending of CONFIRMED transactions (a transaction with six or more confirmations) is NOT something can do as they are broadcasting their blocks that they solve. To double spend against confirmed transactions, would need to have that 51% mining a private fork and then release those blocks once they've got the double spending completed.

claimed they had investigated and found an employee who had been doing the double spending and was eventually fired. However, no evidence supporting this was provided and the incident left a permanent cloud hanging over the pool. Regardless, it didn’t seem to hurt their market share much: most miners probably never heard about the incident at all.


What is the double spending problem in Bitcoin and crypto?

This is part 22 of the Blockchain tutorial explaining what double spending is. The ecash system conceived by David Chaum is used as an example why third parties are used. In this tutorial several ...

Bitcoin Double-Spend Tool Now Available to All: Interview w/ Glass Hunt's Hackers

Learn how to double spend bitcoin using the online double spend tool. Double Spend Tool - how to double spend bitcoin bitcoin double sp...

One of the points that makes Bitcoin so special is that it solved the double-spending problem. This is something no one in the world was able to do prior to Satoshi Nakamoto's concept of ...

Bitcoin double spend tool This video show you how to spend twice bitcoins on your wallet. Please use this information only in legal issues. Use this site on your own risk.